New
#1
Today, we are releasing the .NET April 2024 Updates. These updates contain security and non-security improvements. Your app may be vulnerable if you have not deployed a recent .NET update.
You can download 8.0.4, 7.0.18 and, 6.0.29 versions for Windows, macOS, and Linux, for x86, x64, Arm32, and Arm64.
- Installers and binaries: 8.0.4 |7.0.18 | 6.0.29
- Release notes: 8.0.4 | 7.0.18 | 6.0.29
- Container images
- Linux packages: 8.0.4 | 7.0.18 | 6.0.29
- Release feedback/issue
- Known issues: 8.0 | 7.0 | 6.0
Windows Package Manager CLI (winget)
You can now install .NET updates using the Windows Package Manager CLI (winget):
- To install the .NET 8 runtime: winget install dotnet-runtime-8
- To install the .NET 8 SDK: winget install dotnet-sdk-8
- To update an existing installation: winget upgrade
See Install with Windows Package Manager (winget) for more information.
Improvements
Security
CVE-2024-21409 | .NET Elevation of Privilege Vulnerability
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 6.0, .NET 7.0 ,and .NET 8.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.
A use-after-free vulnerability exists in WPF which may result in Elevation of Privilege when viewing untrusted documents.
Visual Studio
See release notes for Visual Studio compatibility for .NET 8.0, .NET 7.0 and, .NET 6.0.
https://devblogs.microsoft.com/dotne...-2024-updates/